---
Vendor: Ubiquoss
Product: Ubiquoss Switch VP5208A
Discovered by: Juan Manuel Fernandez - Tarlogic (@TheXC3LL)
---
Credential disclosure
----------------------
The Ubiquoss Switch VP5208A creates a bcm_password file under /cgi-bin/ containing the user credentials in clear text whenever a failed login attempt is made. The file can be retrieved with a browser.
The credentials can then be used to access the system via SSH (or telnet if it is enabled).
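
A detection sketch for the behaviour described above, added here as an example and not part of the original advisory or any vendor tooling. It flags successful reads of /cgi-bin/bcm_password and checks whether the same source then opened SSH or telnet to the switch. The log formats, the 30-minute window and all sample records are assumptions constructed for illustration.

```python
import re
from datetime import datetime, timedelta

DISCLOSED = "/cgi-bin/bcm_password"          # file named in the advisory
REMOTE_ADMIN = {22: "ssh", 23: "telnet"}     # services the credentials open
# Common Log Format, as a proxy or sensor in front of the web UI might write it (assumed).
CLF = re.compile(r'(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
                 r'"\S+ (?P<path>\S+)[^"]*" (?P<status>\d{3})')

# Constructed sample records (documentation address ranges), not from a real device.
HTTP_LOG = """\
198.51.100.7 - - [02/Apr/2018:10:00:05 +0000] "GET /cgi-bin/bcm_password HTTP/1.1" 200 48
203.0.113.9 - - [02/Apr/2018:10:05:00 +0000] "GET /cgi-bin/bcm_password HTTP/1.1" 404 0
192.0.2.44 - - [02/Apr/2018:11:00:00 +0000] "GET /cgi-bin/bcm_password?x=1 HTTP/1.1" 200 48
""".splitlines()
# Assumed flow format: ISO timestamp, source address, destination port on the switch.
CONN_LOG = """\
2018-04-02T10:02:30+00:00 198.51.100.7 22
2018-04-02T11:01:00+00:00 192.0.2.44 443
2018-04-02T12:00:00+00:00 192.0.2.44 23
""".splitlines()

def successful_fetches(http_lines):
    """Yield (source, time) for each 2xx response serving the disclosed file."""
    for line in http_lines:
        m = CLF.match(line)
        if m and m["path"].split("?", 1)[0] == DISCLOSED and m["status"][0] == "2":
            yield m["src"], datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")

def correlate(http_lines, conn_lines, window=timedelta(minutes=30)):
    """Pair each fetch with the first SSH/telnet session from the same source in the window."""
    conns = []
    for line in conn_lines:
        ts, src, port = line.split()
        conns.append((datetime.fromisoformat(ts), src, int(port)))
    conns.sort()
    findings = []
    for src, t in successful_fetches(http_lines):
        followup = next((REMOTE_ADMIN[p] for ct, cs, p in conns
                         if cs == src and p in REMOTE_ADMIN and t <= ct <= t + window), None)
        findings.append({"src": src, "fetched": t.isoformat(), "followup": followup})
    return findings

if __name__ == "__main__":
    for finding in correlate(HTTP_LOG, CONN_LOG):
        print(finding)
```

A finding with a non-empty followup means the disclosed credentials should be treated as used, not just exposed.
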
Time Line
----------------------
18/09/17 - First attempt to contact vendor.
06/03/18 - Contacted US-CERT with the report.
15/03/18 - ACK from US-CERT. They gave us another e-mail address to try.
15/03/18 - Attempt to contact vendor at the new e-mail address.
09/04/18 - Disclosure